{
  "cells": [
    {
      "cell_type": "markdown",
      "metadata": {},
      "source": [
        "## 11.9 \u7b80\u5355\u7684\u5ba2\u6237\u7aef\u8ba4\u8bc1\n"
      ]
    },
    {
      "cell_type": "markdown",
      "metadata": {},
      "source": [
        "### \u95ee\u9898\n"
      ]
    },
    {
      "cell_type": "markdown",
      "metadata": {},
      "source": [
        "\u4f60\u60f3\u5728\u5206\u5e03\u5f0f\u7cfb\u7edf\u4e2d\u5b9e\u73b0\u4e00\u4e2a\u7b80\u5355\u7684\u5ba2\u6237\u7aef\u8fde\u63a5\u8ba4\u8bc1\u529f\u80fd\uff0c\u53c8\u4e0d\u60f3\u50cfSSL\u90a3\u6837\u7684\u590d\u6742\u3002"
      ]
    },
    {
      "cell_type": "markdown",
      "metadata": {},
      "source": [
        "### \u89e3\u51b3\u65b9\u6848\n"
      ]
    },
    {
      "cell_type": "markdown",
      "metadata": {},
      "source": [
        "\u53ef\u4ee5\u5229\u7528 hmac \u6a21\u5757\u5b9e\u73b0\u4e00\u4e2a\u8fde\u63a5\u63e1\u624b\uff0c\u4ece\u800c\u5b9e\u73b0\u4e00\u4e2a\u7b80\u5355\u800c\u9ad8\u6548\u7684\u8ba4\u8bc1\u8fc7\u7a0b\u3002\u4e0b\u9762\u662f\u4ee3\u7801\u793a\u4f8b\uff1a"
      ]
    },
    {
      "cell_type": "code",
      "execution_count": null,
      "metadata": {},
      "outputs": [],
      "source": [
        "import hmac\nimport os\n\ndef client_authenticate(connection, secret_key):\n    '''\n    Authenticate client to a remote service.\n    connection represents a network connection.\n    secret_key is a key known only to both client/server.\n    '''\n    message = connection.recv(32)\n    hash = hmac.new(secret_key, message)\n    digest = hash.digest()\n    connection.send(digest)\n\ndef server_authenticate(connection, secret_key):\n    '''\n    Request client authentication.\n    '''\n    message = os.urandom(32)\n    connection.send(message)\n    hash = hmac.new(secret_key, message)\n    digest = hash.digest()\n    response = connection.recv(len(digest))\n    return hmac.compare_digest(digest,response)"
      ]
    },
    {
      "cell_type": "markdown",
      "metadata": {},
      "source": [
        "\u57fa\u672c\u539f\u7406\u662f\u5f53\u8fde\u63a5\u5efa\u7acb\u540e\uff0c\u670d\u52a1\u5668\u7ed9\u5ba2\u6237\u7aef\u53d1\u9001\u4e00\u4e2a\u968f\u673a\u7684\u5b57\u8282\u6d88\u606f\uff08\u8fd9\u91cc\u4f8b\u5b50\u4e2d\u4f7f\u7528\u4e86 os.urandom() \u8fd4\u56de\u503c\uff09\u3002\n\u5ba2\u6237\u7aef\u548c\u670d\u52a1\u5668\u540c\u65f6\u5229\u7528hmac\u548c\u4e00\u4e2a\u53ea\u6709\u53cc\u65b9\u77e5\u9053\u7684\u5bc6\u94a5\u6765\u8ba1\u7b97\u51fa\u4e00\u4e2a\u52a0\u5bc6\u54c8\u5e0c\u503c\u3002\u7136\u540e\u5ba2\u6237\u7aef\u5c06\u5b83\u8ba1\u7b97\u51fa\u7684\u6458\u8981\u53d1\u9001\u7ed9\u670d\u52a1\u5668\uff0c\n\u670d\u52a1\u5668\u901a\u8fc7\u6bd4\u8f83\u8fd9\u4e2a\u503c\u548c\u81ea\u5df1\u8ba1\u7b97\u7684\u662f\u5426\u4e00\u81f4\u6765\u51b3\u5b9a\u63a5\u53d7\u6216\u62d2\u7edd\u8fde\u63a5\u3002\u6458\u8981\u7684\u6bd4\u8f83\u9700\u8981\u4f7f\u7528 hmac.compare_digest() \u51fd\u6570\u3002\n\u4f7f\u7528\u8fd9\u4e2a\u51fd\u6570\u53ef\u4ee5\u907f\u514d\u906d\u5230\u65f6\u95f4\u5206\u6790\u653b\u51fb\uff0c\u4e0d\u8981\u7528\u7b80\u5355\u7684\u6bd4\u8f83\u64cd\u4f5c\u7b26\uff08==\uff09\u3002\n\u4e3a\u4e86\u4f7f\u7528\u8fd9\u4e9b\u51fd\u6570\uff0c\u4f60\u9700\u8981\u5c06\u5b83\u96c6\u6210\u5230\u5df2\u6709\u7684\u7f51\u7edc\u6216\u6d88\u606f\u4ee3\u7801\u4e2d\u3002\u4f8b\u5982\uff0c\u5bf9\u4e8esockets\uff0c\u670d\u52a1\u5668\u4ee3\u7801\u5e94\u8be5\u7c7b\u4f3c\u4e0b\u9762\uff1a"
      ]
    },
    {
      "cell_type": "code",
      "execution_count": null,
      "metadata": {},
      "outputs": [],
      "source": [
        "from socket import socket, AF_INET, SOCK_STREAM\n\nsecret_key = b'peekaboo'\ndef echo_handler(client_sock):\n    if not server_authenticate(client_sock, secret_key):\n        client_sock.close()\n        return\n    while True:\n\n        msg = client_sock.recv(8192)\n        if not msg:\n            break\n        client_sock.sendall(msg)\n\ndef echo_server(address):\n    s = socket(AF_INET, SOCK_STREAM)\n    s.bind(address)\n    s.listen(5)\n    while True:\n        c,a = s.accept()\n        echo_handler(c)\n\necho_server(('', 18000))\n\nWithin a client, you would do this:\n\nfrom socket import socket, AF_INET, SOCK_STREAM\n\nsecret_key = b'peekaboo'\n\ns = socket(AF_INET, SOCK_STREAM)\ns.connect(('localhost', 18000))\nclient_authenticate(s, secret_key)\ns.send(b'Hello World')\nresp = s.recv(1024)"
      ]
    },
    {
      "cell_type": "markdown",
      "metadata": {},
      "source": [
        "### \u8ba8\u8bba\n"
      ]
    },
    {
      "cell_type": "markdown",
      "metadata": {},
      "source": [
        "hmac \u8ba4\u8bc1\u7684\u4e00\u4e2a\u5e38\u89c1\u4f7f\u7528\u573a\u666f\u662f\u5185\u90e8\u6d88\u606f\u901a\u4fe1\u7cfb\u7edf\u548c\u8fdb\u7a0b\u95f4\u901a\u4fe1\u3002\n\u4f8b\u5982\uff0c\u5982\u679c\u4f60\u7f16\u5199\u7684\u7cfb\u7edf\u6d89\u53ca\u5230\u4e00\u4e2a\u96c6\u7fa4\u4e2d\u591a\u4e2a\u5904\u7406\u5668\u4e4b\u95f4\u7684\u901a\u4fe1\uff0c\n\u4f60\u53ef\u4ee5\u4f7f\u7528\u672c\u8282\u65b9\u6848\u6765\u786e\u4fdd\u53ea\u6709\u88ab\u5141\u8bb8\u7684\u8fdb\u7a0b\u4e4b\u95f4\u624d\u80fd\u5f7c\u6b64\u901a\u4fe1\u3002\n\u4e8b\u5b9e\u4e0a\uff0c\u57fa\u4e8e hmac \u7684\u8ba4\u8bc1\u88ab multiprocessing \u6a21\u5757\u4f7f\u7528\u6765\u5b9e\u73b0\u5b50\u8fdb\u7a0b\u76f4\u63a5\u7684\u901a\u4fe1\u3002"
      ]
    },
    {
      "cell_type": "markdown",
      "metadata": {},
      "source": [
        "\u8fd8\u6709\u4e00\u70b9\u9700\u8981\u5f3a\u8c03\u7684\u662f\u8fde\u63a5\u8ba4\u8bc1\u548c\u52a0\u5bc6\u662f\u4e24\u7801\u4e8b\u3002\n\u8ba4\u8bc1\u6210\u529f\u4e4b\u540e\u7684\u901a\u4fe1\u6d88\u606f\u662f\u4ee5\u660e\u6587\u5f62\u5f0f\u53d1\u9001\u7684\uff0c\u4efb\u4f55\u4eba\u53ea\u8981\u60f3\u76d1\u542c\u8fd9\u4e2a\u8fde\u63a5\u7ebf\u8def\u90fd\u80fd\u770b\u5230\u6d88\u606f\uff08\u5c3d\u7ba1\u53cc\u65b9\u7684\u5bc6\u94a5\u4e0d\u4f1a\u88ab\u4f20\u8f93\uff09\u3002"
      ]
    },
    {
      "cell_type": "markdown",
      "metadata": {},
      "source": [
        "hmac\u8ba4\u8bc1\u7b97\u6cd5\u57fa\u4e8e\u54c8\u5e0c\u51fd\u6570\u5982MD5\u548cSHA-1\uff0c\u5173\u4e8e\u8fd9\u4e2a\u5728IETF RFC 2104\u4e2d\u6709\u8be6\u7ec6\u4ecb\u7ecd\u3002"
      ]
    }
  ],
  "metadata": {
    "kernelspec": {
      "display_name": "Python 3",
      "language": "python",
      "name": "python3"
    },
    "language_info": {
      "codemirror_mode": {
        "name": "ipython",
        "version": 3
      },
      "file_extension": ".py",
      "mimetype": "text/x-python",
      "name": "python",
      "nbconvert_exporter": "python",
      "pygments_lexer": "ipython3",
      "version": "3.7.1"
    },
    "toc": {
      "base_numbering": 1,
      "nav_menu": {},
      "number_sections": true,
      "sideBar": true,
      "skip_h1_title": true,
      "title_cell": "Table of Contents",
      "title_sidebar": "Contents",
      "toc_cell": false,
      "toc_position": {},
      "toc_section_display": true,
      "toc_window_display": true
    }
  },
  "nbformat": 4,
  "nbformat_minor": 2
}